Authentication
These endpoints are used for enterprise auth flows: exchanging tokens and fetching current user data.
Common headers
headers
fingerprint: <FINGERPRINT>
client: <CLIENT_HASH>
accept-language: ru | uz | en (optional; default: uz)
Authorization: Bearer <ACCESS_TOKEN> (required for /auth/me)1) Refresh access token
POST /auth/refresh-token
Uses a refresh token JWT and returns a new access token.
curl
curl -X POST "<BASE_URL>/api/v1/auth/refresh-token" \
-H "Content-Type: application/json" \
-H "client: <CLIENT_HASH>" \
-H "fingerprint: <FINGERPRINT>" \
-d '{ "token": "<REFRESH_TOKEN>" }'2) Get current user info
GET /auth/me
Requires Authorization: Bearer <accessToken>.
curl
curl "<BASE_URL>/api/v1/auth/me" \
-H "client: <CLIENT_HASH>" \
-H "fingerprint: <FINGERPRINT>" \
-H "accept-language: ru" \
-H "token: <DEVICE_PUSH_TOKEN>" \
-H "Authorization: Bearer <ACCESS_TOKEN>"3) Login / SDK sign-in
POST /auth/login
Used by the SDK (client-side login) to obtain JWT tokens.
curl
curl -X POST "<BASE_URL>/api/v1/auth/login" \
-H "Content-Type: application/json" \
-H "client: <CLIENT_HASH>" \
-H "fingerprint: <FINGERPRINT>" \
-H "accept-language: uz" \
-d '{
"phone": "+998998263141",
"pin": "998998263141",
"firstName": "Ali",
"lastName": "Vohidov"
}'Localization
If accept-language is set to ru, uz or en, localized fields are returned. Unsupported values default to uz.